Easysoft
CVE-2026-22614
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
The encryption mechanism used in Eaton's EasySoft project file was insecure and susceptible to brute force attacks, an attacker with access to this file and the local host machine could potentially read the sensitive information stored and tamper with the project file. This security issue has been fixed in the latest version of Eaton EasySoft which is available on the Eaton download centre.
AnalysisAI
Eaton EasySoft project files use weak encryption vulnerable to brute force attacks, allowing local attackers with file access to extract sensitive information and modify project configurations. An authenticated user on the affected system can exploit this weakness to compromise confidentiality and integrity of stored data. No patch is currently available for this vulnerability.
Technical ContextAI
The encryption mechanism used in Eaton's EasySoft project file was insecure and susceptible to brute force attacks, an attacker with access to this file and the local host machine could potentially read the sensitive information stored and tamper with the project file. This security issue has been fixed in the latest version of Eaton EasySoft which is available on the Eaton download centre.
RemediationAI
Monitor vendor advisories for a patch.
Same weakness CWE-257 – Storing Passwords in a Recoverable Format
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today